Bayt.com

Submitting more applications increases your chances of landing a job.

Here’s how busy the average job seeker was last month:

Opportunities viewed

Applications submitted

Keep exploring and applying to maximize your chances!

Looking for employers with a proven track record of hiring women?

Click here to explore opportunities now!
We Value Your Feedback

You are invited to participate in a survey designed to help researchers understand how best to match workers to the types of jobs they are searching for

Would You Be Likely to Participate?

If selected, we will contact you via email with further instructions and details about your participation.

You will receive a $7 payout for answering the survey.


User unblocked successfully
Vineet Aggarwal, Senior Information Security Consultant

Vineet Aggarwal

Senior Information Security Consultant ·SABIC

Saudi Arabia

Bachelor's degree, Computer Science and Engineering

Work experience

Total years of experience: 26 years, 11 months

Senior Information Security Consultant

June 2017 - Present

SABIC

Jubail, Saudi Arabia

June 2017 - Present

• Implemented ISO 27001:2013 in SABIC Europe region
• Currently leading ISO 27001:2013 implementation in SABIC MEA, APAC and Europe regions; scope includes 26 functions from MEA, 11 functions from Europe and 9 functions from APAC
• Reviewed and updated the Information Security Policies and Procedures
• Prepared the Asset Inventories
• Prepared the Statement of Applicability to reflect the applicable ISO 27001 controls
• Conducting ISO 27001 Annex A controls oriented Gaps Assessment
• Doing the Risk Assessments, and have prepared various Risk Scenarios
• Preparing the Risk Mitigation and Treatment Strategies to tackle the identified risks and fulfil the control requirements
• Delivering Information Security Awareness Sessions across Europe, MEA and APAC regions
• Revised and updated the KPIs and measures of effectiveness for all the information security projects
• Did the GDPR gaps assessment to align with ISO 27001 requirements
• Facilitated the ISO 27001 surveillance audit for SABIC MEA region
Company industry:
Petrochemicals & Refined Petroleum Products Manufacture
Job role:
Information Technology

Senior Consulting Manager

April 2015 - May 2017

Wipro

Bengaluru, India

April 2015 - May 2017

• Performed cloud security assessments
• Established an integrated cyber security audits approach to identify and address risks (integrated the NIST 800-53, ISO 27001, PCI DSS and data privacy aspects)
• Improved the audit reporting templates and automated the follow-ups and closure of the audit gaps
• Did the Test of “Design” and Test of “Operating Effectiveness” of the Wipro Data Center and Critical IT applications and prepared the action plans to ensure proper security controls deployment
• Identified security gaps in the contractual clauses with a large BFSI spread across Europe and UK - when I did the Contractual Obligations—this led to amendment of contracts, assigned clear ownership, and strict deadlines to close the risks which I had reported
Company industry:
IT Services
Job role:
Information Technology

Senior IT Audit Manager

December 2014 - March 2015

Wipro

Bengaluru, India

December 2014 - March 2015

• Performed the Privacy Impact Assessments of the core applications
• Analyzed and overhauled the internal audits approach by suitably integrating technical and cybersecurity aspects leading to in-depth and comprehensive audits rather than only financial focus
Company industry:
IT Services
Job role:
Information Technology

Senior Information Security Consultant

January 2014 - November 2014

Oman LNG

Sur, Oman

January 2014 - November 2014

• Implemented ISO 27001:2013 full implementation, documentation of all ISMS mandatory requirements, policies, procedures, corrective actions and preventive actions
• Mapped the IT and PCD (Industrial Security) controls
• Created the roadmap for integration and compliance
• Created the governance structure covering both IT and OT
• Created the Asset Registers
• Prepared the Statement of Applicability to reflect the applicable ISO 27001 controls
• Conducted ISO 27001 Annex A controls oriented Gaps Assessment
• Did the Risk Assessment
• Prepared the Risk Mitigation and Treatment Strategies to tackle the identified risks and fulfil the control requirements
• Selected SANs in Europe as their Information Security vendor and got their COTs deployed at Oman
Company industry:
IT Services
Job role:
Information Technology

Information Security Consultant

September 2012 - January 2014

Philips

Hyderabad, India

September 2012 - January 2014

• Performed gap analysis, BIA and continuity requirement analysis on the lines of ISO 22301 for Business Continuity
• Created the business continuity strategy for Philips
• Prepared the roadmap for cloud migration
• Facilitated ISO 27001:2013 surveillance by reviewing all ISMS mandatory requirements, policies, procedures, NC tracker status
• Strategized and clubbed the deliverables into sprints and assigned clear ownerships between Philips, Amazon Web Services (AWS), Salesforce, Wipro (onsite and offshore) teams - resulting in CSI jump up from 5 to 7 within 1 quarter itself
• Enhanced the existing format of the Asset Registers
• Performed the BIA (Business Impact Analysis)
• Did the Risk Assessment
• Prepared the Risk Mitigation and Treatment Strategies to tackle the identified risks and fulfil the control requirements
Company industry:
Manufacturing
Job role:
Information Technology

Emergency Performance Manager

November 2011 - September 2012

Ericsson Global

Delhi, India

November 2011 - September 2012

• Created the processes, SLAs and OLAs for disaster recovery
• Established the coordination schemas and workflows resulting in smoother and well-organized handling of the reported downtimes globally
• Built the repository of closure actions and lessons learnt from the resolved emergencies thus further reducing the resolution times globally
Company industry:
IT Services
Job role:
Information Technology

Business Continuity and Disaster Recovery Lead

August 2008 - November 2011

CSC

Delhi, India

August 2008 - November 2011

• Did the vendors assessments and selected BC vendor for the RBS client
• Got the “Right to Audit” clause included in the contracts with BC services vendors
• Started the practice of publishing the ‘Information Security mails’
• Established mechanisms for bomb threat handling
• Supported the ISO 27001 surveillance audits by defending the evidences furnished for closure of the NCs
• Performed the Business Impact Analysis (BIAs)
• Created the Disaster Recovery Plans for critical functions as well as for admin and finance departments
• Created the vulnerability assessment and penetration testing plans in coordination with the IT department
• Participated in creating the regional Business Continuity Plans
• Mentored the team’s leading to themselves keeping the call trees up-to-date
Company industry:
IT Services
Job role:
Information Technology

Information Security Manager

January 2001 - August 2008

Tata Consultancy Services

Delhi, India

January 2001 - August 2008

• Created the unified controls framework by mapping ISO 27001, ISO 22301, NIST SP 800-53 and Critical Security Controls (CSC) to consistently deploy information security
• Reviewed and maintained the various mandatory ISMS documentation, information security policies and procedures
• Deployed anti pass back, and positive identification for issuing the ID cards
• Created the governance structure to
o Regularly keep the Asset Inventories and Risk Assessment Reports regularly updated
o Regularly track and timely close the NCs in a proper manner
• Enforced mandatory retention of access logs by the BMS team for at least 6 months
• Started cross delivery verification of the official couriers
• Prepared the Business Continuity Plans for Finance, Admin and Travel departments
• Established the Fire Committee comprising of the Fire Wardens and Floor Evacuation Marshals
• Created the vulnerability assessment and penetration testing plans in coordination with the IT department
• Conducted Internal Information Security Audits for clients across India specially in the Telecom, BFSI and Manufacturing verticals
Company industry:
IT Services
Job role:
Information Technology

Information Security Consultant

July 1999 - December 2000

Tata Consultancy Services

Delhi, India

July 1999 - December 2000

• Prepared and delivered several Information Security, ITIL and COBIT trainings
• Actively participated in the internal information security Audits of the BFSI, Insurance, Oil and Gas, Telecom and Manufacturing verticals
• Created audit reports for higher management
• Prepared the ITIL oriented processes for problem management and change management
• Actively followed-up with projects and support functions to ensure they understand and prepare the closure actions on the security gaps identified in the internal audits
• Tracked and maintained the closure actions in the centralized repository
Company industry:
IT Services
Job role:
Information Technology

-

-

A hands-on professional with 18 years Information Security experience in cybersecurity lifecycle
management, risk assessment, security controls gaps assessment, ISMS deployment, Data Privacy
assessments, cloud and mobility security enforcements, business continuity deployment, DLP security
assessment, industrial security controls assessment, Information security audits and people
management
Career Highlights
1. Strategized and successfully managed IT Compliance Assessments and deployments
2. Rs 10.75 mn cost recovered - Reviewed the existing processes identifying the payment overpaid
to the transport vendors by Wipro BPO
3. € 10M penalties saved - Identified and plugged the design gaps via which the PII, sensitive and
confidential information can be pilfered; Thus, protected Wipro from being penalized
4. 25% TAT reduction - Simplified the deployed computing processes and ensured that the
operational processes are defined completely and subjected to regular peer reviews
5. Got consistently high Customer Satisfaction Scores, consistently enlisted in Wipro Winner’s Circle
for 4 consecutive years
Job role:
Other

Education

Thapar University

June 1999

June 1999

Bachelor's degree, Computer Science and Engineering

India

GPA (percentage): 84.1%

GPA (percentage): 84.1%

Certified Information Systems Auditor CISA Certified Information Systems Security Professional CISSP Certified Business Continuity Planner CBCP ISO 22301 Certified Lead Auditor ISO 27001 Certified Lead Auditor

Skills

Information Security Management
Expert
Information Security Management
Expert
Risk Management Consulting
Expert
Risk Management Consulting
Expert
Audit Management
Expert
Audit Management
Expert
Business Process Improvement
Expert
Business Process Improvement
Expert
Compliance Management
Expert
Compliance Management
Expert
CUSTOMER RELATIONS
Expert
CUSTOMER RELATIONS
Expert
DELIVERY
Expert
DELIVERY
Expert
HUMAN RESOURCES
Expert
HUMAN RESOURCES
Expert
INFORMATION SECURITY
Expert
INFORMATION SECURITY
Expert
ISO 27001 Deployment
Expert
ISO 27001 Deployment
Expert
People Management
Expert
People Management
Expert
Business Continuity
Expert
Business Continuity
Expert
Disaster Recovery Management
Expert
Disaster Recovery Management
Expert
IT Compliance Audits
Expert
IT Compliance Audits
Expert
Information Security Management
Expert
Information Security Management
Expert
Risk Management Consulting
Expert
Risk Management Consulting
Expert
Audit Management
Expert
Audit Management
Expert
Business Process Improvement
Expert
Business Process Improvement
Expert
Compliance Management
Expert
Compliance Management
Expert

Languages

English
Expert
Punjabi
Expert
Hindi
Expert
Arabic
Beginner